106.12.13.172 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	no	2020-04-25 13:22:42
attack	2020-04-17T15:39:43.551770luisaranguren sshd[1264692]: Invalid user cj from 106.12.13.172 port 46234 2020-04-17T15:39:45.122813luisaranguren sshd[1264692]: Failed password for invalid user cj from 106.12.13.172 port 46234 ssh2 ...	2020-04-17 16:34:57
attackspambots	Invalid user test from 106.12.13.172 port 56584	2020-04-04 21:21:22
attackbotsspam	5x Failed Password	2020-03-26 08:58:20
attack	Nov 24 07:15:55 MainVPS sshd[14384]: Invalid user colline from 106.12.13.172 port 46314 Nov 24 07:15:55 MainVPS sshd[14384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.172 Nov 24 07:15:55 MainVPS sshd[14384]: Invalid user colline from 106.12.13.172 port 46314 Nov 24 07:15:57 MainVPS sshd[14384]: Failed password for invalid user colline from 106.12.13.172 port 46314 ssh2 Nov 24 07:19:39 MainVPS sshd[21007]: Invalid user tamminga from 106.12.13.172 port 49134 ...	2019-11-24 20:49:45

Comments on same subnet:

IP	Type	Details	Datetime
106.12.132.224	attackspam	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Failed password for invalid user ekim from 106.12.132.224 port 52754 ssh2 Failed password for root from 106.12.132.224 port 36956 ssh2	2020-10-13 00:57:56
106.12.132.224	attackspam	Oct 12 10:14:25 abendstille sshd\[30630\]: Invalid user yoneyama from 106.12.132.224 Oct 12 10:14:25 abendstille sshd\[30630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 Oct 12 10:14:27 abendstille sshd\[30630\]: Failed password for invalid user yoneyama from 106.12.132.224 port 39144 ssh2 Oct 12 10:18:24 abendstille sshd\[3001\]: Invalid user briacheslav from 106.12.132.224 Oct 12 10:18:24 abendstille sshd\[3001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.224 ...	2020-10-12 16:21:33
106.12.130.44	attackspambots	Oct 12 03:55:17 santamaria sshd\[6269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root Oct 12 03:55:19 santamaria sshd\[6269\]: Failed password for root from 106.12.130.44 port 59464 ssh2 Oct 12 03:59:04 santamaria sshd\[6322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.130.44 user=root ...	2020-10-12 12:10:58
106.12.133.225	attack	(sshd) Failed SSH login from 106.12.133.225 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 12:31:56 server5 sshd[22095]: Invalid user test from 106.12.133.225 Oct 10 12:31:56 server5 sshd[22095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Oct 10 12:31:58 server5 sshd[22095]: Failed password for invalid user test from 106.12.133.225 port 58176 ssh2 Oct 10 12:47:16 server5 sshd[28926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 user=root Oct 10 12:47:18 server5 sshd[28926]: Failed password for root from 106.12.133.225 port 58396 ssh2	2020-10-11 01:23:34
106.12.133.225	attack	Oct 10 06:20:09 scw-gallant-ride sshd[27935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225	2020-10-10 17:16:20
106.12.138.72	attack	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-30 05:02:21
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 21:10:51
106.12.138.72	attackspam	Sep 28 10:46:38 XXX sshd[60152]: Invalid user 51.254.2.202 from 106.12.138.72 port 52994	2020-09-29 13:24:31
106.12.133.225	attackspam	Sep 27 18:18:52 roki sshd[310]: Invalid user soporte from 106.12.133.225 Sep 27 18:18:52 roki sshd[310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 18:18:54 roki sshd[310]: Failed password for invalid user soporte from 106.12.133.225 port 37132 ssh2 Sep 27 18:28:04 roki sshd[1030]: Invalid user colin from 106.12.133.225 Sep 27 18:28:04 roki sshd[1030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 ...	2020-09-28 03:29:21
106.12.133.225	attackspambots	Sep 27 13:39:14 santamaria sshd\[27856\]: Invalid user shun from 106.12.133.225 Sep 27 13:39:14 santamaria sshd\[27856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.133.225 Sep 27 13:39:16 santamaria sshd\[27856\]: Failed password for invalid user shun from 106.12.133.225 port 36374 ssh2 ...	2020-09-27 19:40:23
106.12.130.44	attackspambots	$f2bV_matches	2020-09-25 08:00:23
106.12.13.20	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 18475 proto: tcp cat: Misc Attackbytes: 60	2020-09-24 03:24:15
106.12.133.38	attack	Brute-force attempt banned	2020-09-22 03:39:36
106.12.133.38	attackbotsspam	SSH Bruteforce Attempt on Honeypot	2020-09-21 19:26:36
106.12.133.38	attackspambots	Sep 20 13:57:07 logopedia-1vcpu-1gb-nyc1-01 sshd[442802]: Failed password for root from 106.12.133.38 port 36926 ssh2 ...	2020-09-21 00:57:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.13.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57479
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.13.172.			IN	A

;; AUTHORITY SECTION:
.			579	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112400 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 24 20:49:35 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 172.13.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 172.13.12.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
168.90.189.215	attackspambots	The opt-out link is not working as it should, I continue receiving the emails	2020-01-30 05:52:19
222.186.175.154	attackbotsspam	Jan 29 18:21:05 firewall sshd[23319]: Failed password for root from 222.186.175.154 port 31964 ssh2 Jan 29 18:21:05 firewall sshd[23319]: error: maximum authentication attempts exceeded for root from 222.186.175.154 port 31964 ssh2 [preauth] Jan 29 18:21:05 firewall sshd[23319]: Disconnecting: Too many authentication failures [preauth] ...	2020-01-30 05:25:24
122.51.86.120	attackbots	Jan 29 22:20:50 [host] sshd[20431]: Invalid user nipun from 122.51.86.120 Jan 29 22:20:50 [host] sshd[20431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.86.120 Jan 29 22:20:52 [host] sshd[20431]: Failed password for invalid user nipun from 122.51.86.120 port 48844 ssh2	2020-01-30 05:25:48
77.247.108.243	attackspam	firewall-block, port(s): 50605/udp	2020-01-30 05:57:27
39.107.158.176	attackbotsspam	Multiple failed FTP logins	2020-01-30 05:57:55
222.186.15.166	attackspam	SSH Brute Force, server-1 sshd[22781]: Failed password for root from 222.186.15.166 port 41471 ssh2	2020-01-30 05:45:20
46.199.64.22	attack	CY_RIPE-NCC-HM-MNT_<177>1580332820 [1:2403374:54971] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 38 [Classification: Misc Attack] [Priority: 2] {TCP} 46.199.64.22:26387	2020-01-30 05:47:10
62.210.242.66	attackspambots	www.goldgier.de 62.210.242.66 [29/Jan/2020:22:20:55 +0100] "POST /wp-login.php HTTP/1.1" 200 8693 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 62.210.242.66 [29/Jan/2020:22:20:56 +0100] "POST /wp-login.php HTTP/1.1" 200 8693 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-30 05:23:10
222.186.15.10	attack	Unauthorized connection attempt detected from IP address 222.186.15.10 to port 22 [J]	2020-01-30 05:31:04
106.54.25.86	attackspambots	2020-01-30T08:20:34.092087luisaranguren sshd[2819327]: Invalid user nandin@123 from 106.54.25.86 port 58694 2020-01-30T08:20:36.067665luisaranguren sshd[2819327]: Failed password for invalid user nandin@123 from 106.54.25.86 port 58694 ssh2 ...	2020-01-30 05:34:28
221.194.137.28	attack	Unauthorized connection attempt detected from IP address 221.194.137.28 to port 2220 [J]	2020-01-30 05:49:41
197.184.18.5	attack	2019-07-06 06:43:48 1hjcY7-0004T5-TT SMTP connection from $\[197.184.18.5\]$ \[197.184.18.5\]:23014 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 06:43:54 1hjcYD-0004TK-QO SMTP connection from $\[197.184.18.5\]$ \[197.184.18.5\]:23101 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 06:43:59 1hjcYI-0004TO-FS SMTP connection from $\[197.184.18.5\]$ \[197.184.18.5\]:23137 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-30 05:19:18
222.186.173.154	attackspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Failed password for root from 222.186.173.154 port 54322 ssh2 Failed password for root from 222.186.173.154 port 54322 ssh2 Failed password for root from 222.186.173.154 port 54322 ssh2 Failed password for root from 222.186.173.154 port 54322 ssh2	2020-01-30 05:23:38
85.209.3.153	attackbotsspam	firewall-block, port(s): 3324/tcp, 3325/tcp	2020-01-30 05:44:14
139.199.103.153	attackspam	Unauthorized connection attempt detected from IP address 139.199.103.153 to port 2220 [J]	2020-01-30 05:51:18

Recently Reported IPs

52.219.0.145	106.13.120.254	45.227.255.58	125.24.205.220
118.175.173.20	36.233.2.103	138.97.138.81	87.202.77.132
94.70.246.212	87.15.109.105	103.27.200.70	188.213.212.55
117.16.123.204	86.35.37.156	105.159.220.89	37.14.240.100
5.13.137.3	49.115.118.125	188.130.144.108	147.52.44.48